Internal ODIC supports Service Provider (SP)-Initiated Authentication and Identity Provider (IdP)-Initiated Authentication (SSO) flows.
Note: When using the Okta OpenID integration, the Okta user's email address must match the Internal user's email address.
In Okta's Admin Portal:
Login to the Okta Integration Network
Search and select for 'Internal OpenID Connect' (or click here)
Select the 'Sign On' tab
Find the Client ID, Client Secret, and Okta Domain. Copy these to reference for later.
Enter the External Key for your Internal Single Sign-On connection. This field can be found in your Internal Single Sign-On settings while configuring your Okta OpenID integration.
In Internal's Single Sign-On Settings:
Navigate to 'Company Settings'
Select the 'Security' tab
Select 'Single Sign-On' to open the Single Sign-On drawer.
From the Single Sign-On drawer, select 'Okta OpenID Connect' from the drop down.
Referencing the values copied from the Okta Admin Portal, configure the following fields in Internal:
Okta Client ID
Okta Client Secret
Additionally, ensure that the External Key provided in the Single Sign-On drawer has been entered in the Okta Admin Portal.
In order to test this authentication method, navigate back to the Single Sign-On drawer and select 'Test Okta Configuration'. If everything looks good, you'll be redirected to Okta and back to the Single Sign-On drawer with confirmation.